@wix/sdk 1.12.11 → 1.12.13

package/build/ambassador-modules.d.ts

@@ -1,5 +1,3 @@
 import type { HttpClient as SDKHttpClient, AmbassadorFactory } from '@wix/sdk-types';
-import { RESTModuleOptions } from './rest-modules.js';
 export declare const toHTTPModule: <Request_1, Response_1>(factory: AmbassadorFactory<Request_1, Response_1>) => (httpClient: SDKHttpClient) => (payload: Request_1) => Promise<Response_1>;
-export declare const ambassadorModuleOptions: () => RESTModuleOptions;
 export declare const isAmbassadorModule: (module: any) => boolean;

package/build/ambassador-modules.js

@@ -73,9 +73,6 @@ export const toHTTPModule = (factory) => (httpClient) => async (payload) => {
         throw e;
     }
 };
-export const ambassadorModuleOptions = () => ({
-    HTTPHost: self.location.host,
-});
 /*
  * Because of issues with tree-shaking, we cant really put static parameter on module.
  * We still have check for __isAmbassador for backward compatibility

package/build/auth/oauth2/OAuthStrategy.js

@@ -2,7 +2,7 @@ import { createClient } from '../../wixClient.js';
 import { redirects } from '@wix/redirects';
 import { createAccessToken, isTokenExpired } from '../../tokenHelpers.js';
 import { authentication, recovery, verification } from '@wix/identity';
-import { API_URL } from '../../common.js';
+import { DEFAULT_API_URL } from '../../common.js';
 import { LoginState, TokenRole, } from './types.js';
 import { addPostMessageListener, loadFrame } from '../../iframeUtils.js';
 import { EMAIL_EXISTS, INVALID_CAPTCHA, INVALID_PASSWORD, MISSING_CAPTCHA, RESET_PASSWORD, } from './constants.js';
@@ -358,7 +358,7 @@ export function OAuthStrategy(config) {
     };
 }
 const fetchTokens = async (payload, headers = {}) => {
-    const res = await fetch(`https://${API_URL}/oauth2/token`, {
+    const res = await fetch(`https://${DEFAULT_API_URL}/oauth2/token`, {
         method: 'POST',
         body: JSON.stringify(payload),
         headers: {

package/build/auth/oauth2/pkce-challenge.js

@@ -1,5 +1,4 @@
-import SHA256 from 'crypto-js/sha256.js';
-import encBase64url from 'crypto-js/enc-base64url.js';
+import { sha256 } from './sha256.js';
 export function pkceChallenge(length) {
     if (!length) {
         length = 43;
@@ -18,7 +17,7 @@ function generateVerifier(length) {
     return random(length);
 }
 export function generateChallenge(code_verifier) {
-    return SHA256(code_verifier).toString(encBase64url);
+    return base64urlencode(sha256(code_verifier));
 }
 function random(size) {
     const mask = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._~';
@@ -31,3 +30,12 @@ function random(size) {
     }
     return result;
 }
+function base64urlencode(str) {
+    const base64 = typeof Buffer === 'undefined'
+        ? btoa(ab2str(str))
+        : Buffer.from(str).toString('base64');
+    return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+}
+function ab2str(buf) {
+    return String.fromCharCode.apply(null, Array.from(new Uint8Array(buf)));
+}

package/build/auth/oauth2/sha256.d.ts

@@ -0,0 +1,8 @@
+/**
+ * [js-sha256]{@link https://github.com/emn178/js-sha256}
+ * @version 0.11.0
+ * @author Chen, Yi-Cyuan [emn178@gmail.com]
+ * @copyright Chen, Yi-Cyuan 2014-2024
+ * @license MIT
+ */
+export declare function sha256(message: string): ArrayBuffer;

package/build/auth/oauth2/sha256.js

@@ -0,0 +1,278 @@
+/**
+ * [js-sha256]{@link https://github.com/emn178/js-sha256}
+ * @version 0.11.0
+ * @author Chen, Yi-Cyuan [emn178@gmail.com]
+ * @copyright Chen, Yi-Cyuan 2014-2024
+ * @license MIT
+ */
+// Inline here to avoid bringing in another library, cause:
+// 1. we have commited to a sync API (hopefully we'll change to async and
+// can start using the builtin crypto sha256), so we need a sync sha256,
+// but the existing sync sha256 libs are not ESM
+// 2. avoid bringing in a library for a single function
+const SHIFT = [24, 16, 8, 0];
+const EXTRA = [-2147483648, 8388608, 32768, 128];
+const K = [
+    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
+    0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
+    0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
+    0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
+    0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
+    0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
+];
+class SHA256 {
+    blocks;
+    h0;
+    h1;
+    h2;
+    h3;
+    h4;
+    h5;
+    h6;
+    h7;
+    block;
+    start;
+    bytes;
+    hBytes;
+    finalized;
+    hashed;
+    first;
+    lastByteIndex;
+    chromeBugWorkAround;
+    constructor() {
+        this.blocks = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
+        // 256
+        this.h0 = 0x6a09e667;
+        this.h1 = 0xbb67ae85;
+        this.h2 = 0x3c6ef372;
+        this.h3 = 0xa54ff53a;
+        this.h4 = 0x510e527f;
+        this.h5 = 0x9b05688c;
+        this.h6 = 0x1f83d9ab;
+        this.h7 = 0x5be0cd19;
+        this.block = this.start = this.bytes = this.hBytes = 0;
+        this.finalized = this.hashed = false;
+        this.first = true;
+    }
+    update(message) {
+        const blocks = this.blocks;
+        const length = message.length;
+        let code, index = 0, i;
+        while (index < length) {
+            if (this.hashed) {
+                this.hashed = false;
+                blocks[0] = this.block;
+                this.block =
+                    blocks[16] =
+                        blocks[1] =
+                            blocks[2] =
+                                blocks[3] =
+                                    blocks[4] =
+                                        blocks[5] =
+                                            blocks[6] =
+                                                blocks[7] =
+                                                    blocks[8] =
+                                                        blocks[9] =
+                                                            blocks[10] =
+                                                                blocks[11] =
+                                                                    blocks[12] =
+                                                                        blocks[13] =
+                                                                            blocks[14] =
+                                                                                blocks[15] =
+                                                                                    0;
+            }
+            for (i = this.start; index < length && i < 64; ++index) {
+                code = message.charCodeAt(index);
+                if (code < 0x80) {
+                    blocks[i >>> 2] |= code << SHIFT[i++ & 3];
+                }
+                else if (code < 0x800) {
+                    blocks[i >>> 2] |= (0xc0 | (code >>> 6)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3];
+                }
+                else if (code < 0xd800 || code >= 0xe000) {
+                    blocks[i >>> 2] |= (0xe0 | (code >>> 12)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | ((code >>> 6) & 0x3f)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3];
+                }
+                else {
+                    code =
+                        0x10000 +
+                            (((code & 0x3ff) << 10) | (message.charCodeAt(++index) & 0x3ff));
+                    blocks[i >>> 2] |= (0xf0 | (code >>> 18)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | ((code >>> 12) & 0x3f)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | ((code >>> 6) & 0x3f)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3];
+                }
+            }
+            this.lastByteIndex = i;
+            this.bytes += i - this.start;
+            if (i >= 64) {
+                this.block = blocks[16];
+                this.start = i - 64;
+                this.hash();
+                this.hashed = true;
+            }
+            else {
+                this.start = i;
+            }
+        }
+        if (this.bytes > 4294967295) {
+            this.hBytes += (this.bytes / 4294967296) << 0;
+            this.bytes = this.bytes % 4294967296;
+        }
+        return this;
+    }
+    hash() {
+        const blocks = this.blocks;
+        let a = this.h0, b = this.h1, c = this.h2, d = this.h3, e = this.h4, f = this.h5, g = this.h6, h = this.h7, j, s0, s1, maj, t1, t2, ch, ab, da, cd, bc;
+        for (j = 16; j < 64; ++j) {
+            // rightrotate
+            t1 = blocks[j - 15];
+            s0 = ((t1 >>> 7) | (t1 << 25)) ^ ((t1 >>> 18) | (t1 << 14)) ^ (t1 >>> 3);
+            t1 = blocks[j - 2];
+            s1 =
+                ((t1 >>> 17) | (t1 << 15)) ^ ((t1 >>> 19) | (t1 << 13)) ^ (t1 >>> 10);
+            blocks[j] = (blocks[j - 16] + s0 + blocks[j - 7] + s1) << 0;
+        }
+        bc = b & c;
+        for (j = 0; j < 64; j += 4) {
+            if (this.first) {
+                ab = 704751109;
+                t1 = blocks[0] - 210244248;
+                h = (t1 - 1521486534) << 0;
+                d = (t1 + 143694565) << 0;
+                this.first = false;
+            }
+            else {
+                s0 =
+                    ((a >>> 2) | (a << 30)) ^
+                        ((a >>> 13) | (a << 19)) ^
+                        ((a >>> 22) | (a << 10));
+                s1 =
+                    ((e >>> 6) | (e << 26)) ^
+                        ((e >>> 11) | (e << 21)) ^
+                        ((e >>> 25) | (e << 7));
+                ab = a & b;
+                maj = ab ^ (a & c) ^ bc;
+                ch = (e & f) ^ (~e & g);
+                t1 = h + s1 + ch + K[j] + blocks[j];
+                t2 = s0 + maj;
+                h = (d + t1) << 0;
+                d = (t1 + t2) << 0;
+            }
+            s0 =
+                ((d >>> 2) | (d << 30)) ^
+                    ((d >>> 13) | (d << 19)) ^
+                    ((d >>> 22) | (d << 10));
+            s1 =
+                ((h >>> 6) | (h << 26)) ^
+                    ((h >>> 11) | (h << 21)) ^
+                    ((h >>> 25) | (h << 7));
+            da = d & a;
+            maj = da ^ (d & b) ^ ab;
+            ch = (h & e) ^ (~h & f);
+            t1 = g + s1 + ch + K[j + 1] + blocks[j + 1];
+            t2 = s0 + maj;
+            g = (c + t1) << 0;
+            c = (t1 + t2) << 0;
+            s0 =
+                ((c >>> 2) | (c << 30)) ^
+                    ((c >>> 13) | (c << 19)) ^
+                    ((c >>> 22) | (c << 10));
+            s1 =
+                ((g >>> 6) | (g << 26)) ^
+                    ((g >>> 11) | (g << 21)) ^
+                    ((g >>> 25) | (g << 7));
+            cd = c & d;
+            maj = cd ^ (c & a) ^ da;
+            ch = (g & h) ^ (~g & e);
+            t1 = f + s1 + ch + K[j + 2] + blocks[j + 2];
+            t2 = s0 + maj;
+            f = (b + t1) << 0;
+            b = (t1 + t2) << 0;
+            s0 =
+                ((b >>> 2) | (b << 30)) ^
+                    ((b >>> 13) | (b << 19)) ^
+                    ((b >>> 22) | (b << 10));
+            s1 =
+                ((f >>> 6) | (f << 26)) ^
+                    ((f >>> 11) | (f << 21)) ^
+                    ((f >>> 25) | (f << 7));
+            bc = b & c;
+            maj = bc ^ (b & d) ^ cd;
+            ch = (f & g) ^ (~f & h);
+            t1 = e + s1 + ch + K[j + 3] + blocks[j + 3];
+            t2 = s0 + maj;
+            e = (a + t1) << 0;
+            a = (t1 + t2) << 0;
+            this.chromeBugWorkAround = true;
+        }
+        this.h0 = (this.h0 + a) << 0;
+        this.h1 = (this.h1 + b) << 0;
+        this.h2 = (this.h2 + c) << 0;
+        this.h3 = (this.h3 + d) << 0;
+        this.h4 = (this.h4 + e) << 0;
+        this.h5 = (this.h5 + f) << 0;
+        this.h6 = (this.h6 + g) << 0;
+        this.h7 = (this.h7 + h) << 0;
+    }
+    finalize() {
+        if (this.finalized) {
+            return;
+        }
+        this.finalized = true;
+        const blocks = this.blocks, i = this.lastByteIndex;
+        blocks[16] = this.block;
+        blocks[i >>> 2] |= EXTRA[i & 3];
+        this.block = blocks[16];
+        if (i >= 56) {
+            if (!this.hashed) {
+                this.hash();
+            }
+            blocks[0] = this.block;
+            blocks[16] =
+                blocks[1] =
+                    blocks[2] =
+                        blocks[3] =
+                            blocks[4] =
+                                blocks[5] =
+                                    blocks[6] =
+                                        blocks[7] =
+                                            blocks[8] =
+                                                blocks[9] =
+                                                    blocks[10] =
+                                                        blocks[11] =
+                                                            blocks[12] =
+                                                                blocks[13] =
+                                                                    blocks[14] =
+                                                                        blocks[15] =
+                                                                            0;
+        }
+        blocks[14] = (this.hBytes << 3) | (this.bytes >>> 29);
+        blocks[15] = this.bytes << 3;
+        this.hash();
+    }
+    arrayBuffer() {
+        this.finalize();
+        const buffer = new ArrayBuffer(32);
+        const dataView = new DataView(buffer);
+        dataView.setUint32(0, this.h0);
+        dataView.setUint32(4, this.h1);
+        dataView.setUint32(8, this.h2);
+        dataView.setUint32(12, this.h3);
+        dataView.setUint32(16, this.h4);
+        dataView.setUint32(20, this.h5);
+        dataView.setUint32(24, this.h6);
+        dataView.setUint32(28, this.h7);
+        return buffer;
+    }
+}
+export function sha256(message) {
+    return new SHA256().update(message).arrayBuffer();
+}

package/build/common.d.ts

@@ -1,4 +1,3 @@
 export declare const PUBLIC_METADATA_KEY = "__metadata";
-export declare const API_URL = "www.wixapis.com";
-export declare const READ_ONLY_API_URL = "readonly.wixapis.com";
+export declare const DEFAULT_API_URL = "www.wixapis.com";
 export declare const FORCE_WRITE_API_URLS: string[];

package/build/common.js

@@ -1,4 +1,3 @@
 export const PUBLIC_METADATA_KEY = '__metadata';
-export const API_URL = 'www.wixapis.com';
-export const READ_ONLY_API_URL = 'readonly.wixapis.com';
+export const DEFAULT_API_URL = 'www.wixapis.com';
 export const FORCE_WRITE_API_URLS = ['/ecom/v1/carts/current'];

package/build/index.d.ts

@@ -5,5 +5,4 @@ export * from './auth/oauth2/types.js';
 export * from './auth/ApiKeyAuthStrategy.js';
 export * from './auth/AppStrategy.js';
 export * from '@wix/sdk-types';
-export { getDefaultDomain } from './rest-modules.js';
-export { API_URL } from './common.js';
+export { DEFAULT_API_URL } from './common.js';

package/build/index.js

@@ -5,5 +5,4 @@ export * from './auth/oauth2/types.js';
 export * from './auth/ApiKeyAuthStrategy.js';
 export * from './auth/AppStrategy.js';
 export * from '@wix/sdk-types';
-export { getDefaultDomain } from './rest-modules.js';
-export { API_URL } from './common.js';
+export { DEFAULT_API_URL } from './common.js';

package/build/rest-modules.d.ts

@@ -2,5 +2,4 @@ import { BuildRESTFunction, PublicMetadata, RESTFunctionDescriptor } from '@wix/
 export type RESTModuleOptions = {
     HTTPHost?: string;
 };
-export declare const getDefaultDomain: (_method: string, _url: string) => string;
 export declare function buildRESTDescriptor<T extends RESTFunctionDescriptor>(origFunc: T, publicMetadata: PublicMetadata, boundFetch: typeof fetch, wixAPIFetch: (relativeUrl: string, options: RequestInit) => Promise<Response>, options?: RESTModuleOptions): BuildRESTFunction<T>;

package/build/rest-modules.js

@@ -1,18 +1,19 @@
 import { biHeaderGenerator } from './bi/biHeaderGenerator.js';
-import { API_URL } from './common.js';
+import { DEFAULT_API_URL } from './common.js';
 import { runWithoutContext } from '@wix/sdk-runtime/context';
-export const getDefaultDomain = (_method, _url) => API_URL;
 export function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, wixAPIFetch, options) {
     return runWithoutContext(() => origFunc({
         request: async (factory) => {
-            const requestOptions = factory({ host: options?.HTTPHost || API_URL });
+            const requestOptions = factory({
+                host: options?.HTTPHost || DEFAULT_API_URL,
+            });
             let request = requestOptions;
             if (request.method === 'GET' &&
                 request.fallback?.length &&
                 request.params.toString().length > 4000) {
                 request = requestOptions.fallback[0];
             }
-            const domain = options?.HTTPHost ?? getDefaultDomain(request.method, request.url);
+            const domain = options?.HTTPHost ?? DEFAULT_API_URL;
             let url = `https://${domain}${request.url}`;
             if (request.params && request.params.toString()) {
                 url += `?${request.params.toString()}`;

package/build/wixClient.js

@@ -1,7 +1,7 @@
 import { wixContext } from '@wix/sdk-context';
 import { SERVICE_PLUGIN_ERROR_TYPE, } from '@wix/sdk-types';
-import { ambassadorModuleOptions, isAmbassadorModule, toHTTPModule, } from './ambassador-modules.js';
-import { API_URL, PUBLIC_METADATA_KEY } from './common.js';
+import { isAmbassadorModule, toHTTPModule } from './ambassador-modules.js';
+import { DEFAULT_API_URL, PUBLIC_METADATA_KEY } from './common.js';
 import { FetchErrorResponse } from './fetch-error.js';
 import { getDefaultContentHeader, isObject } from './helpers.js';
 import { buildHostModule, isHostModule } from './host-modules.js';
@@ -52,18 +52,15 @@ export function createClient(config) {
             if ('__type' in modules && modules.__type === SERVICE_PLUGIN_ERROR_TYPE) {
                 return modules;
             }
-            const { module, options } = runWithoutContext(() => isAmbassadorModule(modules))
-                ? {
-                    module: toHTTPModule(modules),
-                    options: ambassadorModuleOptions(),
-                }
-                : { module: modules, options: undefined };
-            return buildRESTDescriptor(module, metadata ?? {}, boundFetch, (relativeUrl, fetchOptions) => {
-                const finalUrl = new URL(relativeUrl, `https://${API_URL}`);
-                finalUrl.host = API_URL;
+            const apiBaseUrl = config.host?.apiBaseUrl ?? DEFAULT_API_URL;
+            return buildRESTDescriptor(runWithoutContext(() => isAmbassadorModule(modules))
+                ? toHTTPModule(modules)
+                : modules, metadata ?? {}, boundFetch, (relativeUrl, fetchOptions) => {
+                const finalUrl = new URL(relativeUrl, `https://${apiBaseUrl}`);
+                finalUrl.host = apiBaseUrl;
                 finalUrl.protocol = 'https';
                 return boundFetch(finalUrl.toString(), fetchOptions);
-            }, options);
+            }, { HTTPHost: apiBaseUrl });
         }
         else if (isObject(modules)) {
             return Object.fromEntries(Object.entries(modules).map(([key, value]) => {
@@ -116,8 +113,9 @@ export function createClient(config) {
             }
         },
         fetch: (relativeUrl, options) => {
-            const finalUrl = new URL(relativeUrl, `https://${API_URL}`);
-            finalUrl.host = API_URL;
+            const apiBaseUrl = config.host?.apiBaseUrl ?? DEFAULT_API_URL;
+            const finalUrl = new URL(relativeUrl, `https://${apiBaseUrl}`);
+            finalUrl.host = apiBaseUrl;
             finalUrl.protocol = 'https';
             return boundFetch(finalUrl.toString(), options);
         },
@@ -141,7 +139,8 @@ export function createClient(config) {
         async graphql(query, variables, opts = {
             apiVersion: 'alpha',
         }) {
-            const res = await boundFetch(`https://${API_URL}/graphql/${opts.apiVersion}`, {
+            const apiBaseUrl = config?.host?.apiBaseUrl ?? DEFAULT_API_URL;
+            const res = await boundFetch(`https://${apiBaseUrl}/graphql/${opts.apiVersion}`, {
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json',

package/cjs/build/ambassador-modules.d.ts

@@ -1,5 +1,3 @@
 import type { HttpClient as SDKHttpClient, AmbassadorFactory } from '@wix/sdk-types';
-import { RESTModuleOptions } from './rest-modules.js';
 export declare const toHTTPModule: <Request_1, Response_1>(factory: AmbassadorFactory<Request_1, Response_1>) => (httpClient: SDKHttpClient) => (payload: Request_1) => Promise<Response_1>;
-export declare const ambassadorModuleOptions: () => RESTModuleOptions;
 export declare const isAmbassadorModule: (module: any) => boolean;

package/cjs/build/ambassador-modules.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isAmbassadorModule = exports.ambassadorModuleOptions = exports.toHTTPModule = void 0;
+exports.isAmbassadorModule = exports.toHTTPModule = void 0;
 const parseMethod = (method) => {
     switch (method) {
         case 'get':
@@ -77,10 +77,6 @@ const toHTTPModule = (factory) => (httpClient) => async (payload) => {
     }
 };
 exports.toHTTPModule = toHTTPModule;
-const ambassadorModuleOptions = () => ({
-    HTTPHost: self.location.host,
-});
-exports.ambassadorModuleOptions = ambassadorModuleOptions;
 /*
  * Because of issues with tree-shaking, we cant really put static parameter on module.
  * We still have check for __isAmbassador for backward compatibility

package/cjs/build/auth/oauth2/OAuthStrategy.js

@@ -362,7 +362,7 @@ function OAuthStrategy(config) {
 }
 exports.OAuthStrategy = OAuthStrategy;
 const fetchTokens = async (payload, headers = {}) => {
-    const res = await fetch(`https://${common_js_1.API_URL}/oauth2/token`, {
+    const res = await fetch(`https://${common_js_1.DEFAULT_API_URL}/oauth2/token`, {
         method: 'POST',
         body: JSON.stringify(payload),
         headers: {

package/cjs/build/auth/oauth2/pkce-challenge.js

@@ -1,11 +1,7 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.generateChallenge = exports.pkceChallenge = void 0;
-const sha256_js_1 = __importDefault(require("crypto-js/sha256.js"));
-const enc_base64url_js_1 = __importDefault(require("crypto-js/enc-base64url.js"));
+const sha256_js_1 = require("./sha256.js");
 function pkceChallenge(length) {
     if (!length) {
         length = 43;
@@ -25,7 +21,7 @@ function generateVerifier(length) {
     return random(length);
 }
 function generateChallenge(code_verifier) {
-    return (0, sha256_js_1.default)(code_verifier).toString(enc_base64url_js_1.default);
+    return base64urlencode((0, sha256_js_1.sha256)(code_verifier));
 }
 exports.generateChallenge = generateChallenge;
 function random(size) {
@@ -39,3 +35,12 @@ function random(size) {
     }
     return result;
 }
+function base64urlencode(str) {
+    const base64 = typeof Buffer === 'undefined'
+        ? btoa(ab2str(str))
+        : Buffer.from(str).toString('base64');
+    return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+}
+function ab2str(buf) {
+    return String.fromCharCode.apply(null, Array.from(new Uint8Array(buf)));
+}

package/cjs/build/auth/oauth2/sha256.d.ts

@@ -0,0 +1,8 @@
+/**
+ * [js-sha256]{@link https://github.com/emn178/js-sha256}
+ * @version 0.11.0
+ * @author Chen, Yi-Cyuan [emn178@gmail.com]
+ * @copyright Chen, Yi-Cyuan 2014-2024
+ * @license MIT
+ */
+export declare function sha256(message: string): ArrayBuffer;

package/cjs/build/auth/oauth2/sha256.js

@@ -0,0 +1,282 @@
+"use strict";
+/**
+ * [js-sha256]{@link https://github.com/emn178/js-sha256}
+ * @version 0.11.0
+ * @author Chen, Yi-Cyuan [emn178@gmail.com]
+ * @copyright Chen, Yi-Cyuan 2014-2024
+ * @license MIT
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sha256 = void 0;
+// Inline here to avoid bringing in another library, cause:
+// 1. we have commited to a sync API (hopefully we'll change to async and
+// can start using the builtin crypto sha256), so we need a sync sha256,
+// but the existing sync sha256 libs are not ESM
+// 2. avoid bringing in a library for a single function
+const SHIFT = [24, 16, 8, 0];
+const EXTRA = [-2147483648, 8388608, 32768, 128];
+const K = [
+    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
+    0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
+    0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
+    0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
+    0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
+    0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
+];
+class SHA256 {
+    blocks;
+    h0;
+    h1;
+    h2;
+    h3;
+    h4;
+    h5;
+    h6;
+    h7;
+    block;
+    start;
+    bytes;
+    hBytes;
+    finalized;
+    hashed;
+    first;
+    lastByteIndex;
+    chromeBugWorkAround;
+    constructor() {
+        this.blocks = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
+        // 256
+        this.h0 = 0x6a09e667;
+        this.h1 = 0xbb67ae85;
+        this.h2 = 0x3c6ef372;
+        this.h3 = 0xa54ff53a;
+        this.h4 = 0x510e527f;
+        this.h5 = 0x9b05688c;
+        this.h6 = 0x1f83d9ab;
+        this.h7 = 0x5be0cd19;
+        this.block = this.start = this.bytes = this.hBytes = 0;
+        this.finalized = this.hashed = false;
+        this.first = true;
+    }
+    update(message) {
+        const blocks = this.blocks;
+        const length = message.length;
+        let code, index = 0, i;
+        while (index < length) {
+            if (this.hashed) {
+                this.hashed = false;
+                blocks[0] = this.block;
+                this.block =
+                    blocks[16] =
+                        blocks[1] =
+                            blocks[2] =
+                                blocks[3] =
+                                    blocks[4] =
+                                        blocks[5] =
+                                            blocks[6] =
+                                                blocks[7] =
+                                                    blocks[8] =
+                                                        blocks[9] =
+                                                            blocks[10] =
+                                                                blocks[11] =
+                                                                    blocks[12] =
+                                                                        blocks[13] =
+                                                                            blocks[14] =
+                                                                                blocks[15] =
+                                                                                    0;
+            }
+            for (i = this.start; index < length && i < 64; ++index) {
+                code = message.charCodeAt(index);
+                if (code < 0x80) {
+                    blocks[i >>> 2] |= code << SHIFT[i++ & 3];
+                }
+                else if (code < 0x800) {
+                    blocks[i >>> 2] |= (0xc0 | (code >>> 6)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3];
+                }
+                else if (code < 0xd800 || code >= 0xe000) {
+                    blocks[i >>> 2] |= (0xe0 | (code >>> 12)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | ((code >>> 6) & 0x3f)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3];
+                }
+                else {
+                    code =
+                        0x10000 +
+                            (((code & 0x3ff) << 10) | (message.charCodeAt(++index) & 0x3ff));
+                    blocks[i >>> 2] |= (0xf0 | (code >>> 18)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | ((code >>> 12) & 0x3f)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | ((code >>> 6) & 0x3f)) << SHIFT[i++ & 3];
+                    blocks[i >>> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3];
+                }
+            }
+            this.lastByteIndex = i;
+            this.bytes += i - this.start;
+            if (i >= 64) {
+                this.block = blocks[16];
+                this.start = i - 64;
+                this.hash();
+                this.hashed = true;
+            }
+            else {
+                this.start = i;
+            }
+        }
+        if (this.bytes > 4294967295) {
+            this.hBytes += (this.bytes / 4294967296) << 0;
+            this.bytes = this.bytes % 4294967296;
+        }
+        return this;
+    }
+    hash() {
+        const blocks = this.blocks;
+        let a = this.h0, b = this.h1, c = this.h2, d = this.h3, e = this.h4, f = this.h5, g = this.h6, h = this.h7, j, s0, s1, maj, t1, t2, ch, ab, da, cd, bc;
+        for (j = 16; j < 64; ++j) {
+            // rightrotate
+            t1 = blocks[j - 15];
+            s0 = ((t1 >>> 7) | (t1 << 25)) ^ ((t1 >>> 18) | (t1 << 14)) ^ (t1 >>> 3);
+            t1 = blocks[j - 2];
+            s1 =
+                ((t1 >>> 17) | (t1 << 15)) ^ ((t1 >>> 19) | (t1 << 13)) ^ (t1 >>> 10);
+            blocks[j] = (blocks[j - 16] + s0 + blocks[j - 7] + s1) << 0;
+        }
+        bc = b & c;
+        for (j = 0; j < 64; j += 4) {
+            if (this.first) {
+                ab = 704751109;
+                t1 = blocks[0] - 210244248;
+                h = (t1 - 1521486534) << 0;
+                d = (t1 + 143694565) << 0;
+                this.first = false;
+            }
+            else {
+                s0 =
+                    ((a >>> 2) | (a << 30)) ^
+                        ((a >>> 13) | (a << 19)) ^
+                        ((a >>> 22) | (a << 10));
+                s1 =
+                    ((e >>> 6) | (e << 26)) ^
+                        ((e >>> 11) | (e << 21)) ^
+                        ((e >>> 25) | (e << 7));
+                ab = a & b;
+                maj = ab ^ (a & c) ^ bc;
+                ch = (e & f) ^ (~e & g);
+                t1 = h + s1 + ch + K[j] + blocks[j];
+                t2 = s0 + maj;
+                h = (d + t1) << 0;
+                d = (t1 + t2) << 0;
+            }
+            s0 =
+                ((d >>> 2) | (d << 30)) ^
+                    ((d >>> 13) | (d << 19)) ^
+                    ((d >>> 22) | (d << 10));
+            s1 =
+                ((h >>> 6) | (h << 26)) ^
+                    ((h >>> 11) | (h << 21)) ^
+                    ((h >>> 25) | (h << 7));
+            da = d & a;
+            maj = da ^ (d & b) ^ ab;
+            ch = (h & e) ^ (~h & f);
+            t1 = g + s1 + ch + K[j + 1] + blocks[j + 1];
+            t2 = s0 + maj;
+            g = (c + t1) << 0;
+            c = (t1 + t2) << 0;
+            s0 =
+                ((c >>> 2) | (c << 30)) ^
+                    ((c >>> 13) | (c << 19)) ^
+                    ((c >>> 22) | (c << 10));
+            s1 =
+                ((g >>> 6) | (g << 26)) ^
+                    ((g >>> 11) | (g << 21)) ^
+                    ((g >>> 25) | (g << 7));
+            cd = c & d;
+            maj = cd ^ (c & a) ^ da;
+            ch = (g & h) ^ (~g & e);
+            t1 = f + s1 + ch + K[j + 2] + blocks[j + 2];
+            t2 = s0 + maj;
+            f = (b + t1) << 0;
+            b = (t1 + t2) << 0;
+            s0 =
+                ((b >>> 2) | (b << 30)) ^
+                    ((b >>> 13) | (b << 19)) ^
+                    ((b >>> 22) | (b << 10));
+            s1 =
+                ((f >>> 6) | (f << 26)) ^
+                    ((f >>> 11) | (f << 21)) ^
+                    ((f >>> 25) | (f << 7));
+            bc = b & c;
+            maj = bc ^ (b & d) ^ cd;
+            ch = (f & g) ^ (~f & h);
+            t1 = e + s1 + ch + K[j + 3] + blocks[j + 3];
+            t2 = s0 + maj;
+            e = (a + t1) << 0;
+            a = (t1 + t2) << 0;
+            this.chromeBugWorkAround = true;
+        }
+        this.h0 = (this.h0 + a) << 0;
+        this.h1 = (this.h1 + b) << 0;
+        this.h2 = (this.h2 + c) << 0;
+        this.h3 = (this.h3 + d) << 0;
+        this.h4 = (this.h4 + e) << 0;
+        this.h5 = (this.h5 + f) << 0;
+        this.h6 = (this.h6 + g) << 0;
+        this.h7 = (this.h7 + h) << 0;
+    }
+    finalize() {
+        if (this.finalized) {
+            return;
+        }
+        this.finalized = true;
+        const blocks = this.blocks, i = this.lastByteIndex;
+        blocks[16] = this.block;
+        blocks[i >>> 2] |= EXTRA[i & 3];
+        this.block = blocks[16];
+        if (i >= 56) {
+            if (!this.hashed) {
+                this.hash();
+            }
+            blocks[0] = this.block;
+            blocks[16] =
+                blocks[1] =
+                    blocks[2] =
+                        blocks[3] =
+                            blocks[4] =
+                                blocks[5] =
+                                    blocks[6] =
+                                        blocks[7] =
+                                            blocks[8] =
+                                                blocks[9] =
+                                                    blocks[10] =
+                                                        blocks[11] =
+                                                            blocks[12] =
+                                                                blocks[13] =
+                                                                    blocks[14] =
+                                                                        blocks[15] =
+                                                                            0;
+        }
+        blocks[14] = (this.hBytes << 3) | (this.bytes >>> 29);
+        blocks[15] = this.bytes << 3;
+        this.hash();
+    }
+    arrayBuffer() {
+        this.finalize();
+        const buffer = new ArrayBuffer(32);
+        const dataView = new DataView(buffer);
+        dataView.setUint32(0, this.h0);
+        dataView.setUint32(4, this.h1);
+        dataView.setUint32(8, this.h2);
+        dataView.setUint32(12, this.h3);
+        dataView.setUint32(16, this.h4);
+        dataView.setUint32(20, this.h5);
+        dataView.setUint32(24, this.h6);
+        dataView.setUint32(28, this.h7);
+        return buffer;
+    }
+}
+function sha256(message) {
+    return new SHA256().update(message).arrayBuffer();
+}
+exports.sha256 = sha256;

package/cjs/build/common.d.ts

@@ -1,4 +1,3 @@
 export declare const PUBLIC_METADATA_KEY = "__metadata";
-export declare const API_URL = "www.wixapis.com";
-export declare const READ_ONLY_API_URL = "readonly.wixapis.com";
+export declare const DEFAULT_API_URL = "www.wixapis.com";
 export declare const FORCE_WRITE_API_URLS: string[];

package/cjs/build/common.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FORCE_WRITE_API_URLS = exports.READ_ONLY_API_URL = exports.API_URL = exports.PUBLIC_METADATA_KEY = void 0;
+exports.FORCE_WRITE_API_URLS = exports.DEFAULT_API_URL = exports.PUBLIC_METADATA_KEY = void 0;
 exports.PUBLIC_METADATA_KEY = '__metadata';
-exports.API_URL = 'www.wixapis.com';
-exports.READ_ONLY_API_URL = 'readonly.wixapis.com';
+exports.DEFAULT_API_URL = 'www.wixapis.com';
 exports.FORCE_WRITE_API_URLS = ['/ecom/v1/carts/current'];

package/cjs/build/index.d.ts

@@ -5,5 +5,4 @@ export * from './auth/oauth2/types.js';
 export * from './auth/ApiKeyAuthStrategy.js';
 export * from './auth/AppStrategy.js';
 export * from '@wix/sdk-types';
-export { getDefaultDomain } from './rest-modules.js';
-export { API_URL } from './common.js';
+export { DEFAULT_API_URL } from './common.js';

package/cjs/build/index.js

@@ -14,7 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.API_URL = exports.getDefaultDomain = void 0;
+exports.DEFAULT_API_URL = void 0;
 __exportStar(require("./wixClient.js"), exports);
 __exportStar(require("./wixMedia.js"), exports);
 __exportStar(require("./auth/oauth2/OAuthStrategy.js"), exports);
@@ -22,7 +22,5 @@ __exportStar(require("./auth/oauth2/types.js"), exports);
 __exportStar(require("./auth/ApiKeyAuthStrategy.js"), exports);
 __exportStar(require("./auth/AppStrategy.js"), exports);
 __exportStar(require("@wix/sdk-types"), exports);
-var rest_modules_js_1 = require("./rest-modules.js");
-Object.defineProperty(exports, "getDefaultDomain", { enumerable: true, get: function () { return rest_modules_js_1.getDefaultDomain; } });
 var common_js_1 = require("./common.js");
-Object.defineProperty(exports, "API_URL", { enumerable: true, get: function () { return common_js_1.API_URL; } });
+Object.defineProperty(exports, "DEFAULT_API_URL", { enumerable: true, get: function () { return common_js_1.DEFAULT_API_URL; } });

package/cjs/build/rest-modules.d.ts

@@ -2,5 +2,4 @@ import { BuildRESTFunction, PublicMetadata, RESTFunctionDescriptor } from '@wix/
 export type RESTModuleOptions = {
     HTTPHost?: string;
 };
-export declare const getDefaultDomain: (_method: string, _url: string) => string;
 export declare function buildRESTDescriptor<T extends RESTFunctionDescriptor>(origFunc: T, publicMetadata: PublicMetadata, boundFetch: typeof fetch, wixAPIFetch: (relativeUrl: string, options: RequestInit) => Promise<Response>, options?: RESTModuleOptions): BuildRESTFunction<T>;

package/cjs/build/rest-modules.js

@@ -1,22 +1,22 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.buildRESTDescriptor = exports.getDefaultDomain = void 0;
+exports.buildRESTDescriptor = void 0;
 const biHeaderGenerator_js_1 = require("./bi/biHeaderGenerator.js");
 const common_js_1 = require("./common.js");
 const context_1 = require("@wix/sdk-runtime/context");
-const getDefaultDomain = (_method, _url) => common_js_1.API_URL;
-exports.getDefaultDomain = getDefaultDomain;
 function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, wixAPIFetch, options) {
     return (0, context_1.runWithoutContext)(() => origFunc({
         request: async (factory) => {
-            const requestOptions = factory({ host: options?.HTTPHost || common_js_1.API_URL });
+            const requestOptions = factory({
+                host: options?.HTTPHost || common_js_1.DEFAULT_API_URL,
+            });
             let request = requestOptions;
             if (request.method === 'GET' &&
                 request.fallback?.length &&
                 request.params.toString().length > 4000) {
                 request = requestOptions.fallback[0];
             }
-            const domain = options?.HTTPHost ?? (0, exports.getDefaultDomain)(request.method, request.url);
+            const domain = options?.HTTPHost ?? common_js_1.DEFAULT_API_URL;
             let url = `https://${domain}${request.url}`;
             if (request.params && request.params.toString()) {
                 url += `?${request.params.toString()}`;

package/cjs/build/wixClient.js

@@ -55,18 +55,15 @@ function createClient(config) {
             if ('__type' in modules && modules.__type === sdk_types_1.SERVICE_PLUGIN_ERROR_TYPE) {
                 return modules;
             }
-            const { module, options } = (0, context_1.runWithoutContext)(() => (0, ambassador_modules_js_1.isAmbassadorModule)(modules))
-                ? {
-                    module: (0, ambassador_modules_js_1.toHTTPModule)(modules),
-                    options: (0, ambassador_modules_js_1.ambassadorModuleOptions)(),
-                }
-                : { module: modules, options: undefined };
-            return (0, rest_modules_js_1.buildRESTDescriptor)(module, metadata ?? {}, boundFetch, (relativeUrl, fetchOptions) => {
-                const finalUrl = new URL(relativeUrl, `https://${common_js_1.API_URL}`);
-                finalUrl.host = common_js_1.API_URL;
+            const apiBaseUrl = config.host?.apiBaseUrl ?? common_js_1.DEFAULT_API_URL;
+            return (0, rest_modules_js_1.buildRESTDescriptor)((0, context_1.runWithoutContext)(() => (0, ambassador_modules_js_1.isAmbassadorModule)(modules))
+                ? (0, ambassador_modules_js_1.toHTTPModule)(modules)
+                : modules, metadata ?? {}, boundFetch, (relativeUrl, fetchOptions) => {
+                const finalUrl = new URL(relativeUrl, `https://${apiBaseUrl}`);
+                finalUrl.host = apiBaseUrl;
                 finalUrl.protocol = 'https';
                 return boundFetch(finalUrl.toString(), fetchOptions);
-            }, options);
+            }, { HTTPHost: apiBaseUrl });
         }
         else if ((0, helpers_js_1.isObject)(modules)) {
             return Object.fromEntries(Object.entries(modules).map(([key, value]) => {
@@ -119,8 +116,9 @@ function createClient(config) {
             }
         },
         fetch: (relativeUrl, options) => {
-            const finalUrl = new URL(relativeUrl, `https://${common_js_1.API_URL}`);
-            finalUrl.host = common_js_1.API_URL;
+            const apiBaseUrl = config.host?.apiBaseUrl ?? common_js_1.DEFAULT_API_URL;
+            const finalUrl = new URL(relativeUrl, `https://${apiBaseUrl}`);
+            finalUrl.host = apiBaseUrl;
             finalUrl.protocol = 'https';
             return boundFetch(finalUrl.toString(), options);
         },
@@ -144,7 +142,8 @@ function createClient(config) {
         async graphql(query, variables, opts = {
             apiVersion: 'alpha',
         }) {
-            const res = await boundFetch(`https://${common_js_1.API_URL}/graphql/${opts.apiVersion}`, {
+            const apiBaseUrl = config?.host?.apiBaseUrl ?? common_js_1.DEFAULT_API_URL;
+            const res = await boundFetch(`https://${apiBaseUrl}/graphql/${opts.apiVersion}`, {
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wix/sdk",
-  "version": "1.12.11",
+  "version": "1.12.13",
   "license": "UNLICENSED",
   "author": {
     "name": "Ronny Ringel",
@@ -65,14 +65,12 @@
   "dependencies": {
     "@babel/runtime": "^7.23.2",
     "@wix/identity": "^1.0.78",
-    "@wix/image-kit": "^1.78.0",
+    "@wix/image-kit": "^1.83.0",
     "@wix/redirects": "^1.0.41",
     "@wix/sdk-context": "^0.0.1",
-    "@wix/sdk-runtime": "0.3.15",
-    "@wix/sdk-types": "^1.9.2",
-    "crypto-js": "^4.2.0",
+    "@wix/sdk-runtime": "0.3.18",
+    "@wix/sdk-types": "^1.10.0",
     "jose": "^5.2.1",
-    "pkce-challenge": "^3.1.0",
     "querystring": "^0.2.1",
     "type-fest": "^4.9.0"
   },
@@ -80,7 +78,6 @@
     "graphql": "^0.8.0 || ^0.9.0 || ^0.10.0 || ^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0 || ^15.0.0 || ^16.0.0 || ^17.0.0"
   },
   "devDependencies": {
-    "@types/crypto-js": "^4.2.1",
     "@types/is-ci": "^3.0.4",
     "@types/node": "^20.10.6",
     "@vitest/ui": "^1.5.0",
@@ -88,13 +85,13 @@
     "@wix/events": "^1.0.179",
     "@wix/metro": "^1.0.73",
     "@wix/metro-runtime": "^1.1677.0",
-    "@wix/sdk-runtime": "0.3.15",
+    "@wix/sdk-runtime": "0.3.18",
     "eslint": "^8.56.0",
     "eslint-config-sdk": "0.0.0",
     "graphql": "^16.8.0",
     "is-ci": "^3.0.1",
     "jsdom": "^22.1.0",
-    "msw": "^2.0.12",
+    "msw": "^2.4.5",
     "typescript": "^5.3.3",
     "vitest": "^1.5.0",
     "vitest-teamcity-reporter": "^0.3.0"
@@ -122,5 +119,5 @@
   "wallaby": {
     "autoDetect": true
   },
-  "falconPackageHash": "50581ffffc42c024dba24d7ca3d381813b0485255f42bcc8eecbd2a1"
+  "falconPackageHash": "b1f56afb5f401e2aa11769c9e887f152fbce4bee17f7d7c651c43a30"
 }